Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

SSL VPN: Convert .ovpn to .apc/.epc for Site-to-Site SSL Tunnels

Please make a tool to conver regular openvpn configuartion files to your apc/epc format. Without such a tool it is impossible to use an astaro as client for existing openvpn server.

774 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    Ruben PüttmannRuben Püttmann shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    78 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Anonymous commented  ·   ·  Flag as inappropriate

        please can you make this possible... this is a real killer on this firewall for me... I have been able to make Pfsense do it... with VPN providers becoming more prevalent this would be useful for many people

      • coewarcoewar commented  ·   ·  Flag as inappropriate

        I have built my own IPSEC VPN routers using the StrongSWAN stuff. I can help you do it too; we ditched a lot of our Sophos Astaro units.

      • Anonymous commented  ·   ·  Flag as inappropriate

        I'm amazed that sophos is ignoring so many requests. Considering that so many of the building blocks, such as openvpn, ipv6 tunnels and proxy servers are supported, it makes no sense why this feature has not been implemented. I'm running out of patience. I've avoided pfsense because it wouldn't run on hyper-v, but that has changed with the latest release. I'm giving it a close look. I would rather not stop using utm, but I do not like having to manually manage a vpn.

      • Anonymous commented  ·   ·  Flag as inappropriate

        hello sophos,

        needless to say that I also really would like to have this feature (for a lot of reasons (:P)

        what is my suggestion?

        well, I understand, that is quite difficult to have this feature implemented in the GUI of the the UTM ... for the complexity of modes, parameters and ....

        so, offer a external command line tool for this conversion (linux, win, java)

      • Anonymous commented  ·   ·  Flag as inappropriate

        Sophos, please take action on that and bring us OpenVPN client to Sophos UTM.
        Others are also capable acting as an OpenVPN Client.

      • j0nj0n commented  ·   ·  Flag as inappropriate

        Ya, Sophos is okay, but I'm switching back to pfsense at home (has OpenVPN support), and choosing Fortinet for the office.

      • ChrizChriz commented  ·   ·  Flag as inappropriate

        Sophos - do something. People are migrating away from UTM because the Lack of this feature.

      • DucsterDucster commented  ·   ·  Flag as inappropriate

        Since this request is now older than 4 years, I hope this will be finally implemented.

      • DaveDave commented  ·   ·  Flag as inappropriate

        Sophos, this really isn't all that hard to achieve. I understand there may be specific additional options which are outside the parameters of the standard OVPN client configuration files - but why make it so hard to utilise a UTM as an OpenVPN endpoint when UTM itself uses OpenVPN for VPN?

        It really is very simple. Allow a download of a ZIP archive containing both the APC/EPC format AND the OpenVPN client configuration files, and allow for either option in the import. If you export a config from another UTM; upload the entire archive with APE/EPC and ignore the OpenVPN client configuration in the same way UTM works currently. If somebody chooses to import an .OVPN file, then manually request whatever additional information UTM requires to get a working tunnel going.

        Having looked into a .APC file myself I cannot see what possible need there is to enforce this proprietary standard on the users of UTM. I had planned on using the UTM as a private VPN client device in site-to-site mode, but having discovered it is impossible to get it working with a well-known standard configuration file - I am now left to looking for alternatives. I know all too well that behind the scenes UTM simply employs standard OVPN files based upon the APC format - so I really cannot see why this capability would be impossible to achieve.

        With more than twice as many votes as the next VPN feature request, make sure this one is in the next release! I am not the only one entirely frustrated by such a ridiculously pointless proprietary standard on an open source framework.

      ← Previous 1 3 4

      Feedback and Knowledge Base